Allergan
Company Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.
Job Description Become a key player in our Information Security team as a SeniorDevSecOpsEngineer, where you willleverageyourexpertisein application securityandsecurity engineering to support and enhance our codescanningandfinding managementprocesses. This role involves the implementation and administration of application security tooling, integrationof scanninginto CI/CD pipelines, and building or implementing automated finding management technologies tofacilitatedeveloper remediation activities.
This position can be virtually anywhere in the U.S.
Responsibilities:
Implementing andmaintainingApplication Security Testing (AST) tools(SAST,DAST,IAST,SCA, etc.)toidentifyvulnerabilitiesand configuration issuesduring the software development lifecycle.
Implementing andmaintainingtools (such asApplication Security Posture Management/ASPM)to centralize and deduplicate findings from multiplesolutions and integratereportinginto software developmentworkflows.
Integrating security tooling withlarge-scale enterpriseCI/CD pipelines.
Buildingand managingtoolingand processestodrive efficientDevSecOpsoperations.
Qualifications Required:
BachelorsDegree and 7years experienceORMastersDegree and 6years experienceOR PhD and2 years experience
4+ years of experience insecurity engineering and/orDevSecOpswith a focus on security process automation
2+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA
Demonstrated experience designing, building, andoptimizingCI/CD pipelines(such as GitHub Actions and Azure DevOps)for large-scale enterprise environments, including integrating security testing solutions,for both on-premises and cloud environments to ensure secure, efficient, and compliant software delivery throughout the development lifecycle
Ability to effectively communicateanddocumenttechnical findings to both technical and non-technical stakeholders
Experience automating workflows via programming languages such as Python
Preferred:
Experienceimplementingcustomor commercialsolutions(such as Application Security Posture Management (ASPM) tooling)toautomateDevSecOpsprocesses,manage scan findings,andintegrate withdeveloperworkflows
Experienceimplementing andmaintainingcontainer security in enterprise environments,utilizingindustry-leading tools and practices for vulnerability management, image scanning, access control, and runtime protection to safeguard applications throughout the container lifecycle.
Experience administeringSnykin large enterprise environments
Experienceintegrating securitytooling and processeswithJfrogArtifactoryorotherartifact repositories
Proven experience managing, storing, and distributing build artifacts at scale in enterprise environments, implementing best practices for artifact versioning, security, and traceability to support robust, efficient, and compliant software delivery pipelines
Additional Information
The compensation range described below is the range of possible base pay compensation that the Companybelieves ingood faith it will pay for this role at the timeof this posting based on the job grade for this position.Individualcompensation paid within this range will depend on many factors including geographic location, andwemay ultimatelypay more or less than the posted range. This range may be modified in thefuture.
We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick),medical/dental/visioninsurance and 401(k) to eligibleemployees.
This job is eligible to participate in our short-term incentiveprograms.
Note: No amount of payis considered to bewages or compensation until such amount is earned, vested, anddeterminable.The amount and availability of any bonus,commission, incentive, benefits, or any other form ofcompensation and benefitsthat are allocable to a particular employee remains in the Company's sole andabsolutediscretion unless and until paid andmay be modified at the Company’s sole and absolute discretion, consistent withapplicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: https://www.abbvie.com/join-us/reasonable-accommodations.html
#J-18808-Ljbffr
Job Description Become a key player in our Information Security team as a SeniorDevSecOpsEngineer, where you willleverageyourexpertisein application securityandsecurity engineering to support and enhance our codescanningandfinding managementprocesses. This role involves the implementation and administration of application security tooling, integrationof scanninginto CI/CD pipelines, and building or implementing automated finding management technologies tofacilitatedeveloper remediation activities.
This position can be virtually anywhere in the U.S.
Responsibilities:
Implementing andmaintainingApplication Security Testing (AST) tools(SAST,DAST,IAST,SCA, etc.)toidentifyvulnerabilitiesand configuration issuesduring the software development lifecycle.
Implementing andmaintainingtools (such asApplication Security Posture Management/ASPM)to centralize and deduplicate findings from multiplesolutions and integratereportinginto software developmentworkflows.
Integrating security tooling withlarge-scale enterpriseCI/CD pipelines.
Buildingand managingtoolingand processestodrive efficientDevSecOpsoperations.
Qualifications Required:
BachelorsDegree and 7years experienceORMastersDegree and 6years experienceOR PhD and2 years experience
4+ years of experience insecurity engineering and/orDevSecOpswith a focus on security process automation
2+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA
Demonstrated experience designing, building, andoptimizingCI/CD pipelines(such as GitHub Actions and Azure DevOps)for large-scale enterprise environments, including integrating security testing solutions,for both on-premises and cloud environments to ensure secure, efficient, and compliant software delivery throughout the development lifecycle
Ability to effectively communicateanddocumenttechnical findings to both technical and non-technical stakeholders
Experience automating workflows via programming languages such as Python
Preferred:
Experienceimplementingcustomor commercialsolutions(such as Application Security Posture Management (ASPM) tooling)toautomateDevSecOpsprocesses,manage scan findings,andintegrate withdeveloperworkflows
Experienceimplementing andmaintainingcontainer security in enterprise environments,utilizingindustry-leading tools and practices for vulnerability management, image scanning, access control, and runtime protection to safeguard applications throughout the container lifecycle.
Experience administeringSnykin large enterprise environments
Experienceintegrating securitytooling and processeswithJfrogArtifactoryorotherartifact repositories
Proven experience managing, storing, and distributing build artifacts at scale in enterprise environments, implementing best practices for artifact versioning, security, and traceability to support robust, efficient, and compliant software delivery pipelines
Additional Information
The compensation range described below is the range of possible base pay compensation that the Companybelieves ingood faith it will pay for this role at the timeof this posting based on the job grade for this position.Individualcompensation paid within this range will depend on many factors including geographic location, andwemay ultimatelypay more or less than the posted range. This range may be modified in thefuture.
We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick),medical/dental/visioninsurance and 401(k) to eligibleemployees.
This job is eligible to participate in our short-term incentiveprograms.
Note: No amount of payis considered to bewages or compensation until such amount is earned, vested, anddeterminable.The amount and availability of any bonus,commission, incentive, benefits, or any other form ofcompensation and benefitsthat are allocable to a particular employee remains in the Company's sole andabsolutediscretion unless and until paid andmay be modified at the Company’s sole and absolute discretion, consistent withapplicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: https://www.abbvie.com/join-us/reasonable-accommodations.html
#J-18808-Ljbffr